An Efficient Profiling Attack to Real Codes of PIC16F690 and ARM Cortex-M3

Shahram Vafa, Massoud Masoumi, Amir Amini
2020 IEEE Access  
This paper presents a new and efficient method based on power analysis, hierarchical recognition of instructions, and machine learning for reverse engineering of the instructions of PIC16F690 as an 8-bit microcontroller and LPC1768, which includes an ARM Cortex-M3 core as a 32-bit platform. Both dynamic and static power consumption were considered and analyzed. The instructions were classified in different Hamming weight groups using ensemble classification algorithms along with the ... bler feature selection method to improve the recognition rate of opcodes and operands of real instructions. Results demonstrated 99.5% and 93.3% average success rate in recovering test instructions and real codes of PIC16F690, respectively. This work also presents promising results in reverse engineering of the instructions of LPC1768 with an overall recognition rate of 98% for test codes and 80.2% for real codes. To the best of our knowledge, this is the first serious report about profiling attack to a 32-bit platform without the need for any sophisticated laboratory tools.
INDEX TERMS Template Attacks, Reverse Engineering of Instructions, Ensemble Classification.
doi:10.1109/access.2020.3043395 fatcat:rcgkj523efhmverofltupemocm